transparency-policy/doc/source/index.rst

THE OPENSTACK FOUNDATION TRANSPARENCY POLICY
============================================



1. Background.
--------------

This Transparency Policy (“Policy”) states OpenStack’s policy towards
disclosure of information to the public by members of the Board of
Directors (“Board Members”) and the officers and other employees of
OpenStack (“Employees”). The Policy provides guidance for Board
Members and officers in meeting their fiduciary duties and Employees
in meeting their legal obligations. This Policy supersedes any written
agreement of the Employees for the information described below (but
not including any third party information subject to a separate
confidentiality obligation) unless the written agreement expressly
stated in writing that it supersedes the Policy. The Board Members and
Employees are permitted to share certain information and are obligated
to keep other information confidential, as more particularly described
in this Policy. This Policy has been adopted by the Board, and
comments or questions should be directed to the Executive Director of
the OpenStack Foundation (“Executive Director”).



2. General Policy Favoring Transparency.
----------------------------------------

2.1 OpenStack favors disclosure and transparency to promote sharing
and collaboration within the OpenStack community. This Policy will
implement that strategy to assist in growing the ecosystem around
OpenStack’s software, strengthening the platform and protecting the
OpenStack brand. For these reasons, OpenStack adopts the following
approach to information disclosure to the public under this Policy:

(a) Board meetings (except executive sessions) are open to the public
for dial-in participation. Meeting times and dial-in details are
posted to OpenStack’s mailing list and at a governance wiki
(“Governance Wiki”) accessible at
`http://wiki.openstack.org/Governance/Foundation`_. The Chairman and
Vice Chairman of the Board will make best effort to publish the date,
time and dial-in details at least one week prior to the meeting on the
Governance Wiki and Foundation mailing list.

(b) In advance of Board meetings, agendas are also posted to the
Governance Wiki.

(c) The Executive Director posts a summary of the Board meeting after
the meeting to the OpenStack Foundation mailing list. The Executive
Director will make best effort to post a summary to the mailing list
within 72 hours of the meeting, after which point Board Members are
able to comment or post their own summaries.

(d) After Board meetings, the final versions of the Board minutes,
including records of the votes of Board Members are posted to the
Governance Wiki. The Secretary and Chairman of the Board will make
best effort to publish the official, approved minutes within a month
of the meeting.
(e) The general Board mailing list will be made available to the
public for read-only subscription, but the Board may maintain a
separate mailing list or document store to discuss confidential topics
as defined below.

(f) OpenStack Foundation Committees and working groups, such as the
Training Working Group and the Election Committee, are subject to the
same standards as the Board in terms of posting meeting dates, agendas
and summaries, and communicating via a mailing list, unless topics are
considered to be confidential information defined in section 3.1.
Committees and Working Groups should make an effort to solicit
community input and participation on policy issues by the use of
mailing lists, in-person meetings, webinars and phone calls.

(g) The contents of final applications for Platinum Members and Gold
Members shall be made available on the Governance Wiki no later than
three days prior to the Board meeting during which they are being
considered.

(h) The Chairman of the Board shall provide an annual summary of
OpenStack’s performance, which will include a financial overview, a
summary of major decisions, achievements and challenges of the prior
year.

(i) Communication regarding Foundation governance will take place on
the Foundation mailing list accessible at `http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation`_.

2.2 To put the community first, OpenStack Board Members and Employees
will work to share or discuss community and governance information
with the OpenStack community through established channels before
releasing the information to the media. This does not include company-
confidential information, such as advance notice of product
announcements, investments, acquisitions or customer stories.



3. Confidential Information.
----------------------------

3.1 Notwithstanding a general policy favoring disclosure and
transparency, certainsensitive information must remain confidential.
“Confidential Information” means (a) information disclosed during the
executive session of Board meetings including, without limitation,
personnel matters, discussions around Gold Member applications and
information collected, prepared or discussed relating to or in
anticipation of litigation, (b) financial information (excluding
financial information included in the annual summary provided by the
Chairman of the Board) (c) disciplinary actions taken against Platinum
Members, Gold Members or Individual Members and (d) information
subject to other confidentiality obligations, whether arising under
law, statute or contract. In addition, Confidential Information shall
include certain “embargoed” information which is temporarily
Confidential Information and which shall include (a) draft Board
meeting minutes (but not to the extent included in the final Board
meeting minutes posted to the Governance Wiki) or (b) information
regarding strategic and marketing initiatives that might damage
OpenStack’s competitive position if disclosed prior to authorization
by theExecutive Director or the Board. At the time embargoed
information is shared or discussed, the provider will set an explicit
date or criteria as to when it can be made public.

3.2 Neither a Board Member nor an Employee (“TP Person”) may use,
disseminate, or in any way disclose any Confidential Information
except to the extent expressly permitted by the Board or Executive
Director. A TP Person must treat all Confidential Information with the
same degree of care as the TP Person accords to his or her own
confidential or proprietary information, but in no case less than
reasonable care. A TP Person may disclose Confidential Information
only to such persons or entities as permitted by the Board or
Executive Director, who need to know such Confidential Information and
who have previously agreed or agree in writing to be bound by
confidentiality terms and conditions protecting the Confidential
Information substantially similar to those terms and conditions
applicable to the TP Person under this Policy. A TP Person must
immediately give notice to the Executive Director of any unauthorized
use or disclosure of the Confidential Information. A TP Person must
assist OpenStack in remedying any such unauthorized use or disclosure
of the Confidential Information by the TP Person.

3.3 A TP Person’s obligations with respect to Confidential Information
will not apply to any such portion that the TP Person can document
either (a) was in the public domain at or subsequent to the time
enters the public domain without action or inaction by such TP Person;
(b) was rightfully in TP Person’s possession free of any obligation
ofconfidence at or subsequent to the time such portion was
communicated by OpenStack to TP Person; or (c) is made public by
direction of the Board or Executive Director. A disclosure of any
portion of Confidential Information, either (a) in response to a valid
order by a court or other governmental body, or (b) otherwise required
by law, shall not be considered to be a breach of the confidentiality
obligations set forth herein or a waiver of confidentiality for other
purposes; provided, however, that TP Person shall provide prompt prior
written notice thereof to the Executive Director to enable OpenStack
to seek a protective order or otherwise prevent such disclosure.

3.4 All Confidential Information remains the property of OpenStack,
and no license or other rights to Confidential Information is granted
or implied hereby.



4. Additional Obligations of Board Members.
-------------------------------------------

4.1 The confidentiality obligations set forth above is a guide to a TP
Person’s obligations to OpenStack, whether arising under law, statute
or contract, including but not limited to, the fiduciary obligations
of Board Members and officers. However, the fiduciary duty obligations
of Board Members and officers are established by statute and supersede
this Policy.

4.2 Board Members are seen as authoritative sources of information
concerning OpenStack’s business. To ensure a consistent approach to
public announcements, Board Members should generally defer to the
Executive Director with respect to communications with the public.

4.3 The Executive Director, Chairman of the Board and Vice Chairman of
the Board, if applicable, are the primary spokespeople when making
official statements on behalf of the Foundation. Board Members should
not make use of their OpenStack titleswhen promoting their own
companies or products.



5. Process to File a Complaint
------------------------------

If a Community Member or Board member wishes to file a complaint
against behavior that is not compliant with the Transparency Policy,
he or she should contact the Executive Director
(jonathan@openstack.org) in the absence of an Ombudsman. The Executive
Director will determine if quick, corrective action can be made,
pulling in the Transparency Committee when needed, and whether the
complaint should be brought in front of the full Board.

.. _http://wiki.openstack.org/Governance/Foundation: http://wiki.openstack.org/Governance/Foundation
.. _http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation: http://lists.openstack.org/cgi-bin/mailman/listinfo/foundation